Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-43852

SecurityRealm captcha should use no-store as well as no cache in cache-control

    XMLWordPrintable

Details

    Description

      looking at the code I think that the no-store option should be used in addition to the no-cache.

      as navigating back or resubmitting the data will likely lead to an out of date captcha.

      Attachments

        Issue Links

          Activity

            teilo James Nord created issue -
            oleg_nenashev Oleg Nenashev made changes -
            Field Original Value New Value
            Labels security
            danielbeck Daniel Beck made changes -
            Labels security newbie-friendly security
            wfollonier Wadeck Follonier made changes -
            Assignee Wadeck Follonier [ wfollonier ]
            wfollonier Wadeck Follonier made changes -
            Status Open [ 1 ] In Progress [ 3 ]
            wfollonier Wadeck Follonier made changes -
            Remote Link This issue links to "#3126 (jenkins-core) (Web Link)" [ 17988 ]
            wfollonier Wadeck Follonier made changes -
            Status In Progress [ 3 ] In Review [ 10005 ]
            oleg_nenashev Oleg Nenashev made changes -
            Summary securityrealm captcha sould use no-store as well as no cache in cache-control SecurityRealm captcha should use no-store as well as no cache in cache-control
            oleg_nenashev Oleg Nenashev made changes -
            Resolution Fixed [ 1 ]
            Status In Review [ 10005 ] Resolved [ 5 ]
            oleg_nenashev Oleg Nenashev made changes -
            Labels newbie-friendly security lts-candidate newbie-friendly security
            olivergondza Oliver Gond┼ża made changes -
            Labels lts-candidate newbie-friendly security 2.89.1-fixed newbie-friendly security

            People

              wfollonier Wadeck Follonier
              teilo James Nord
              Votes:
              1 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: